DESCRIPTION

There are a number of good packages on the CPAN to handle working with the GitHub API, but none that provide a (relatively) lightweight, straight-forward way to generate OAuth2 tokens.

This package implements the procedure described in GitHub Developer's Guide "Non-Web Application Flow" to create authorization tokens; that is, authorization tokens that can be stored, managed, reused and revoked without needing to store (or otherwise acquire) a user password.

Exports

Technologies

This package uses and returns OAuth2 authorization tokens, and uses V3 of the GitHub API.

Legal Scopes

The formal list of supported scopes can be found at the GitHub OAuth API reference (note this list is taken almost verbatim from that page). If a scope appears there but not here, please file an issue against this package (as the author has likely not noticed it yet).

(no scopes given)

public read-only access (includes public user profile info, public repo info, and gists).

user

Read/write access to profile info only. Note: this scope includes user:email and user:follow.

user:email

Read access to a user’s email addresses.

user:follow

Access to follow or unfollow other users.

public_repo

Read/write access to public repos and organizations.

repo

Read/write access to public and private repos and organizations.

repo:status

Read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses without granting access to the code. The repo and public_repo scopes already include access to commit status for private and public repositories respectively.

A link that describes why the authorization has been generated We throw an exception on error or failure, and return the structure describing the new authorization token (and the token itself, as described below) on success.

client_id (required if client_secret is given)

If requesting an authorization for a specific app, pass its client key here.

client_secret (required if client_id is given)

If requesting an authorization for a specific app, pass its client secret here.

On success...

A successful return from get_gh_token() will look something like this:

SSL VALIDATION

While this satisfies the "let's be cautious" alarms in the author's head, this may be too paranoid or not paranoid enough for you. If so, please file an issue or pull request and we'll work something out.

LIMITATIONS

This package currently has no capabilities for deleting, altering, or otherwise doing anything with tokens outside of creating them.

SEE ALSO

Please see those modules/websites for more information related to this module.